[SystemSafety] What do we know about software reliability?

Derek M Jones derek at knosof.co.uk
Tue Sep 15 21:26:09 CEST 2020


Thierry,

> Is there any scientific paper linking defect density to frequency of failure?

There are certainly papers, and they might be regarded as scientific (depending
on your requirements).

I believe the current state is that the various claims involving various data on
defect density have been shown to be flawed (e.g., functions are less likely to contain
faults if they have a certain length, or range of lengths).

This is not to say that the hypothesis are wrong, just not proven by the available
evidence.

A recent post around this subject:
http://shape-of-code.coding-guidelines.com/2020/09/06/impact-of-function-size-on-number-of-reported-faults/

> More generally, all probabilistic theories of software reliability require something unprovable:

If they were provable they would not be probabilistic arguments.

If something cannot be proved, the next best thing is to use a probabilistic
approach.

This fetish for provability leads nowhere.

  how does one prove the “environment” from one test to another has not changed “significantly”? (keep in mind the A501 
test case). In practice, they all measure the randomness of the environment, and not any randomness of a deterministic 
process (aka the software) of which there is none. If we are trying to build a reliability theory of the environment of 
software, then it is a different matter.
> Best regards,
> Thierry Coq
> The opinions expressed here are my own.
> 
> From: systemsafety <systemsafety-bounces at lists.techfak.uni-bielefeld.de> On Behalf Of Martyn Thomas
> Sent: mardi 15 septembre 2020 16:07
> To: systemsafety at lists.techfak.uni-bielefeld.de
> Subject: Re: [SystemSafety] What do we know about software reliability?
> 
> 
> Software in its operating environment does degrade over time.
> 
>    *   What was fit for purpose one year no longer is the year following.
>    *   as software is maintained to fix known errors, the fault density may steadily increase because the maintenance degrades the artchitecture and more defects are introduced. (I have seen this happen gradually to major software systems in my career).
> 
> The failure rates can be determined statistically within scientifically sound confidence levels. To me, "reliability" carries the right message. It may be an imperfect analogy but many words are.
> 
> Martyn
> On 15/09/2020 14:30, Michael Holloway wrote:
> o far too many people (myself included) "reliability" necessarily includes notions of either randomness (for example, given an identical environment, history, design, and manufacturer, component A fails but B does not) or degradation over time.  Because neither notion applies to conventional software, the phrase "software reliability" is (and always will be) to me at best meaningless and at worst misleading.
> 
> 
> **************************************************************************************
> This e-mail and any attachments thereto may contain confidential information and/or information protected by intellectual property rights for the exclusive attention of the intended addressees named above. If you have received this transmission in error, please immediately notify the sender by return e-mail and delete this message and its attachments. Unauthorized use, copying or further full or partial distribution of this e-mail or its contents is prohibited.
> **************************************************************************************
> 
> 
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
> Manage your subscription: https://lists.techfak.uni-bielefeld.de/mailman/listinfo/systemsafety
> 

-- 
Derek M. Jones           Evidence-based software engineering
tel: +44 (0)1252 520667  blog:shape-of-code.coding-guidelines.com


More information about the systemsafety mailing list